BaseIncomplete

CWE-822Untrusted Pointer Dereference

Category: memory

Description

The product obtains a value from an untrusted source, converts this value to a pointer, and dereferences the resulting pointer.

Common consequences· 3

  • Confidentiality — Read Memory
    If the untrusted pointer is used in a read operation, an attacker might be able to read sensitive portions of memory.
  • Availability — DoS: Crash, Exit, or Restart
    If the untrusted pointer references a memory location that is not accessible to the product, or points to a location that is "malformed" or larger than expected by a read or write operation, the application may terminate unexpectedly.
  • Integrity / Confidentiality / Availability — Execute Unauthorized Code or Commands, Modify Memory
    If the untrusted pointer is used in a function call, or points to unexpected data in a write operation, then code execution may be possible.

Related CAPEC attack patterns· 1

CAPEC-129

References

  1. https://cwe.mitre.org/data/definitions/822.html

Exploits (incoming)1

TypeTargetConfidenceTier
AttackPatternPointer Manipulationcapec-129100%live

(incoming)16

TypeTargetConfidenceTier
VulnerabilityCVE-2025-1255cve-2025-12550%live
VulnerabilityCVE-2025-20018cve-2025-200180%live
VulnerabilityCVE-2025-24084cve-2025-240840%live
VulnerabilityMicrosoft Windows Untrusted Pointer Dereference Vulnerabilitycve-2025-249900%live
VulnerabilityCVE-2025-27060cve-2025-270600%live
VulnerabilityCVE-2025-4993cve-2025-49930%live
VulnerabilityCVE-2025-50165cve-2025-501650%live
VulnerabilityCVE-2025-62549cve-2025-625490%live
VulnerabilityCVE-2026-33114cve-2026-331140%live
VulnerabilityCVE-2026-33120cve-2026-331200%live
VulnerabilityCVE-2026-40367cve-2026-403670%live
KEVEntryMicrosoft Streaming Service Untrusted Pointer Dereference Vulnerabilitykev-cve-2023-293600%live
KEVEntryMicrosoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerabilitykev-cve-2023-360330%live
KEVEntryMicrosoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerabilitykev-cve-2024-213380%live
KEVEntryMicrosoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability kev-cve-2024-352500%live
KEVEntryMicrosoft Windows Untrusted Pointer Dereference Vulnerabilitykev-cve-2025-249900%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
NULL Pointer Dereference
CWE
Use of Out-of-range Pointer Offset
CWE
Unchecked Return Value to NULL Pointer Dereference
CWE
Expired Pointer Dereference
CWE
Access of Uninitialized Pointer
CWE
Buffer Over-read
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.